Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/T2qZTTFWVSNBNeXqRrv5AJne1B0.roa
File: T2qZTTFWVSNBNeXqRrv5AJne1B0.roa (raw, json)
Hash identifier: EWp0bMjXe6eEnMu430F2WwTP+lMlXpj/M+oOz9ex/1k=
Subject key identifier: 4F:6A:99:4D:31:56:55:23:41:35:E5:EA:46:BB:F9:00:99:DE:D4:1D
Certificate issuer: /CN=25bbed0bff7ffeab67f302b411a00701854a6c30
Certificate serial: 01966BDC6F235B1A8CBEF9390FEB4446A4DE
Authority key identifier: 25:BB:ED:0B:FF:7F:FE:AB:67:F3:02:B4:11:A0:07:01:85:4A:6C:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JbvtC_9__qtn8wK0EaAHAYVKbDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/T2qZTTFWVSNBNeXqRrv5AJne1B0.roa
Signing time: Fri 25 Apr 2025 07:32:10 +0000
ROA not before: Fri 25 Apr 2025 07:32:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 185.189.244.0/23 maxlen: 24
185.189.246.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/JbvtC_9__qtn8wK0EaAHAYVKbDA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/JbvtC_9__qtn8wK0EaAHAYVKbDA.mft
rsync://rpki.ripe.net/repository/DEFAULT/JbvtC_9__qtn8wK0EaAHAYVKbDA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 16:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:6b:dc:6f:23:5b:1a:8c:be:f9:39:0f:eb:44:46:a4:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25bbed0bff7ffeab67f302b411a00701854a6c30
Validity
Not Before: Apr 25 07:32:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4f6a994d315655234135e5ea46bbf90099ded41d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:42:32:3d:13:bc:4c:67:ed:50:a6:f0:b2:7d:
43:d0:36:20:12:75:f9:57:a9:51:67:f6:91:c4:10:
60:07:2a:ed:a5:3a:85:d1:60:e3:9c:4f:0c:df:09:
1e:0f:ce:dc:cb:93:b6:b5:c3:46:d6:11:3b:d4:67:
3d:bd:a3:48:bb:3d:73:d6:04:33:a6:28:00:dc:25:
cb:7f:09:26:30:df:f4:f6:82:3e:0c:c6:7c:ff:92:
c3:82:a4:35:55:20:52:0c:ad:8f:e3:1a:fa:6d:4d:
ee:be:b7:ef:06:7d:0a:c5:77:9b:34:d5:b0:72:ae:
9f:9f:d5:db:4c:dd:94:04:55:59:91:30:28:d3:ee:
c9:52:71:66:8a:d9:40:95:27:c7:a8:99:60:12:c9:
93:5c:b9:24:66:92:30:3b:3f:2a:56:05:bd:05:a3:
b9:d6:b9:70:81:c7:8e:59:a3:1e:f4:70:10:28:fd:
d1:85:3b:9a:37:20:b6:c8:a3:e9:11:6a:5a:a0:3d:
73:15:e0:96:c0:38:db:de:50:24:61:cb:3d:42:28:
0b:77:67:48:8e:5e:a9:28:2c:e9:9b:97:09:a4:a4:
8d:d4:e4:b8:52:40:77:36:61:c0:2b:04:fd:78:bf:
ab:6a:fd:f4:08:cf:08:33:28:1c:75:ac:ac:c0:af:
73:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:6A:99:4D:31:56:55:23:41:35:E5:EA:46:BB:F9:00:99:DE:D4:1D
X509v3 Authority Key Identifier:
keyid:25:BB:ED:0B:FF:7F:FE:AB:67:F3:02:B4:11:A0:07:01:85:4A:6C:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JbvtC_9__qtn8wK0EaAHAYVKbDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/T2qZTTFWVSNBNeXqRrv5AJne1B0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/JbvtC_9__qtn8wK0EaAHAYVKbDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.244.0/22
Signature Algorithm: sha256WithRSAEncryption
07:3a:a4:3f:b0:93:98:c9:2d:be:3b:40:24:03:cd:06:9f:d8:
7d:36:ed:8e:3f:14:eb:d7:06:42:a9:bd:0e:60:43:82:06:2a:
30:d7:32:c8:95:a7:bf:67:9d:05:e4:19:10:8b:ea:3d:74:87:
75:8b:2a:ec:f6:34:e2:4a:1c:6b:52:14:d4:1b:d1:f7:84:22:
3b:0f:b2:0c:cf:85:eb:f7:b9:b4:be:6b:16:d5:59:cb:c6:d3:
ac:cb:d4:61:2e:39:75:3d:1d:74:63:8c:9a:bf:1b:ef:e2:07:
cd:a0:12:a3:d8:4c:25:81:93:4a:b4:58:f9:6f:59:ee:99:b0:
64:e3:2f:0c:ae:8d:db:8a:15:6e:2d:d0:31:25:57:21:33:49:
3f:b4:6d:26:fd:8b:39:1b:0a:50:e3:78:34:ae:63:4e:12:c2:
9a:00:72:c8:02:63:74:d9:24:75:04:cd:eb:68:5f:32:98:9e:
9e:63:53:64:ad:5e:57:46:a9:e6:19:2f:d0:27:4b:fd:82:ef:
d8:d2:2d:84:65:97:b5:77:4c:36:1b:d9:63:13:c8:15:b4:f0:
92:12:5e:d2:fe:e6:e2:b5:a0:ef:6d:8a:37:32:28:5d:ec:d8:
d3:cb:a0:f6:61:65:14:88:8c:5e:29:d6:1a:2e:c0:41:80:c0:
3a:09:f4:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZZr3G8jWxqMvvk5D+tERqTeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YmJlZDBiZmY3ZmZlYWI2N2YzMDJiNDExYTAwNzAxODU0
YTZjMzAwHhcNMjUwNDI1MDczMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjZhOTk0ZDMxNTY1NTIzNDEzNWU1ZWE0NmJiZjkwMDk5ZGVkNDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEIyPRO8TGftUKbwsn1D0DYgEnX5
V6lRZ/aRxBBgByrtpTqF0WDjnE8M3wkeD87cy5O2tcNG1hE71Gc9vaNIuz1z1gQz
pigA3CXLfwkmMN/09oI+DMZ8/5LDgqQ1VSBSDK2P4xr6bU3uvrfvBn0KxXebNNWw
cq6fn9XbTN2UBFVZkTAo0+7JUnFmitlAlSfHqJlgEsmTXLkkZpIwOz8qVgW9BaO5
1rlwgceOWaMe9HAQKP3RhTuaNyC2yKPpEWpaoD1zFeCWwDjb3lAkYcs9QigLd2dI
jl6pKCzpm5cJpKSN1OS4UkB3NmHAKwT9eL+rav30CM8IMygcdayswK9zOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE9qmU0xVlUjQTXl6ka7+QCZ3tQdMB8GA1UdIwQY
MBaAFCW77Qv/f/6rZ/MCtBGgBwGFSmwwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmJ2dENfOV9fcXRuOHdLMEVhQUhBWVZLYkRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8zYjlhZmYtZjAwZC00MTg3LWFmOTQt
NTcxN2I0NTQ0MjM3LzEvVDJxWlRURldWU05CTmVYcVJydjVBSm5lMUIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8zYjlhZmYtZjAwZC00MTg3LWFmOTQtNTcxN2I0NTQ0MjM3
LzEvSmJ2dENfOV9fcXRuOHdLMEVhQUhBWVZLYkRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCub30MA0G
CSqGSIb3DQEBCwUAA4IBAQAHOqQ/sJOYyS2+O0AkA80Gn9h9Nu2OPxTr1wZCqb0O
YEOCBiow1zLIlae/Z50F5BkQi+o9dId1iyrs9jTiShxrUhTUG9H3hCI7D7IMz4Xr
97m0vmsW1VnLxtOsy9RhLjl1PR10Y4yavxvv4gfNoBKj2EwlgZNKtFj5b1numbBk
4y8Mro3bihVuLdAxJVchM0k/tG0m/Ys5GwpQ43g0rmNOEsKaAHLIAmN02SR1BM3r
aF8ymJ6eY1NkrV5XRqnmGS/QJ0v9gu/Y0i2EZZe1d0w2G9ljE8gVtPCSEl7S/ubi
taDvbYo3Mihd7NjTy6D2YWUUiIxeKdYaLsBBgMA6CfRJ
-----END CERTIFICATE-----
Generated at Sat Jun 14 23:59:01 2025 by rpki-client